I'm currently stuck on how to setup authentication for two OUs in the same LDAP connector. I want to allow only the users that are in these two OUs but not others. The two OUs that I want to authenticate against are ou=users,dc=example,dc=org and ou=people,dc=example,dc=org. I'm using example.org to keep the examples easier to understand. I can get one OU to work just fine. Current config
cas.authn.Ldap[0].type=AD cas.authn.Ldap[0].LdapUrl=https://ldap.example.org cas.authn.Ldap[0].baseDn=dc=example,dc=org cas.authn.Ldap[0].userFilter=cn={user} cas.authn.Ldap[0].bindDn=cn=cas_user,ou=utility,dc=example,dc=org cas.authn.Ldap[0].bindCredential=caspass cas.authn.Ldap[0].principalAttributeId=sAMAccountName cas.authn.Ldap[0].dnFormat=cn=%s,ou=users,dc=example,dc=org I have tried with mulitple different options for the dnFormat trying ldapsearch strings but to no success. Any suggestions on limiting access to two OUs? Thanks Eric -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/74eb0615-fab6-4abb-b62e-30f9277ab341%40apereo.org.